Webroot has revealed that 85 per cent of malware is now distributed through the web.
It also found that businesses are not adequately protecting themselves against web-borne viruses, spyware and employee behaviour that leads to security breaches, loss of intellectual property and release of confidential data.
In a survey of 648 web security product decision-makers in businesses across Australia, the United Kingdom, Canada and the United States, the company found that while businesses now depend on web applications to execute critical functions including customer support, research and ad campaigns, IT professionals are not adequately aware of the Web 2.0 world or the new set of threats it has introduced.
More than 85 per cent of organisations still rely solely on desktop defenses, which do not scan for malware in inbound web traffic. Only 15 per cent of the businesses surveyed reported solid enforcement of internet usage policies to reduce their organisations' vulnerability.
Peter Watkins, CEO of Webroot, said: “The amount of malware to email has dropped but spam that is transmitted via the web has increased rapidly, only 15 per cent of email is malware while 85 per cent of malware is from the web. People are putting up protections against email spam so spammers have started to use the web instead, and we see that very few people are putting in web protection. Google statistics show that the amount of malicious sites has risen from 0.3 to 1.3 in just ten months.”
Mike Irwin, COO of Webroot, said: “We found that web-borne malware increased over 500 per cent in 2007 as cybercriminals developed new ways to attack on-site and remote employees through personal web mail accounts, social networking sites and other Web 2.0 applications.
“In the current threat environment, businesses must utilise a web security solution that provides an additional layer of in-the-cloud protection for corporate and mobile users.
“However, awareness is only just beginning to grow among the IT professionals responsible for protecting these organisations. Nearly 30 per cent of the IT decision-makers we surveyed did not know if their organisation or its employees are using Web 2.0 applications. For better security, businesses must educate employees and use appropriate technology to monitor and manage their web activity in order to minimise risk.”